ZenGRC Features

ZenGRC

Web-based governance, risk, and compliance solution

4.48/5 (23 reviews)

Competitor Feature Comparison

API
Access Controls/Permissions
Active Directory Integration
Activity Dashboard
Activity Tracking
Alerts/Notifications
Archiving & Retention
Audit Management
Audit Trail
Business Process Control
Compliance Management
Compliance Tracking
Configurable Workflow
Controls Audit
Dashboard
Data Import/Export
Event Logs
Event Tracking
HIPAA Compliant
ISO Compliance
IT Risk Management
Incident Management
Internal Controls Management
Issue Management
Legal Risk Management
Log Management
Operational Risk Management
PCI Assessment
PCI Compliance
PIA / DPIA
Policy Management
Project Management
Reporting/Analytics
Risk Assessment
Risk Management
Risk Reporting
Risk Scoring
Role-Based Permissions
Sarbanes-Oxley Compliance
Search/Filter
Secure Data Storage
Security Auditing
Sensitive Data Identification
Single Sign On
Task Management
Template Management
Third Party Integrations
Vendor Management
Version Control
Workflow Management
Visit WebsiteCompare App
API
Access Controls/Permissions
Active Directory Integration
Activity Dashboard
Activity Tracking
Alerts/Notifications
Archiving & Retention
Audit Management
Audit Trail
Business Process Control
Compliance Management
Compliance Tracking
Configurable Workflow
Controls Audit
Dashboard
Data Import/Export
Event Logs
Event Tracking
HIPAA Compliant
ISO Compliance
IT Risk Management
Incident Management
Internal Controls Management
Issue Management
Legal Risk Management
Log Management
Operational Risk Management
PCI Assessment
PCI Compliance
PIA / DPIA
Policy Management
Project Management
Reporting/Analytics
Risk Assessment
Risk Management
Risk Reporting
Risk Scoring
Role-Based Permissions
Sarbanes-Oxley Compliance
Search/Filter
Secure Data Storage
Security Auditing
Sensitive Data Identification
Single Sign On
Task Management
Template Management
Third Party Integrations
Vendor Management
Version Control
Workflow Management
Visit WebsiteCompare App
API
Access Controls/Permissions
Active Directory Integration
Activity Dashboard
Activity Tracking
Alerts/Notifications
Archiving & Retention
Audit Management
Audit Trail
Business Process Control
Compliance Management
Compliance Tracking
Configurable Workflow
Controls Audit
Dashboard
Data Import/Export
Event Logs
Event Tracking
HIPAA Compliant
ISO Compliance
IT Risk Management
Incident Management
Internal Controls Management
Issue Management
Legal Risk Management
Log Management
Operational Risk Management
PCI Assessment
PCI Compliance
PIA / DPIA
Policy Management
Project Management
Reporting/Analytics
Risk Assessment
Risk Management
Risk Reporting
Risk Scoring
Role-Based Permissions
Sarbanes-Oxley Compliance
Search/Filter
Secure Data Storage
Security Auditing
Sensitive Data Identification
Single Sign On
Task Management
Template Management
Third Party Integrations
Vendor Management
Version Control
Workflow Management
Visit WebsiteCompare App

ZenGRC Feature Reviews

22 reviewers had the following to say about ZenGRC's features:

Pramod A.

ZenGRC is a great workflow tool from starting a request to collect evidences and close out request.

2017-09-12

The audit report matrix gives a solid picture for management to track and find the status of the active audit.

Cons

There are some features that needs to be added to save time during evidence collection and verifying process.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 6-12 months

Frequency of use: Daily

Likelihood to recommend

7/10
Source: Capterra
Helpful?   Yes   No
Read more
Anonymous
(Events Services company, 51-200 employees)

Great Compliance / Audit Tool

2018-07-15

Automating our audit and compliance issues into one platform that is easily accessible when needed to pull these files.

Pros

We now have a tracking system for our compliance issues to resolve them swiftly and avoid fines and penalties to stay compliant.

Cons

There seems to be a lot of editing involved to download and/or export documents.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 2+ years

Frequency of use: Monthly

Likelihood to recommend

7/10
Source: Capterra
Helpful?   Yes   No
Read more
Leo C.

Best GRC tool I have used. It's easy and user friendly for risk and compliance requirements

2017-07-18

It does everything I need in a fraction of the time. It is efficient and very easy to navigate around.

Pros

All our compliance requirements in one central place and accessable by a few clicks of a button.

Cons

It needs more reporting and visual features as my target audience need more graphs and items to show different risk profiles, risk appetite, thresholds etc

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 6-12 months

Frequency of use: Daily

Likelihood to recommend

10/10
Source: Capterra
Helpful?   Yes   No
Read more
Ankit B.

Great GRC Tool

2017-12-10

Great Tool Overall

Pros

The evidence collection and workflows replaced what was an otherwise tedious and duplicative process with JIRA tickets.

Cons

Needs more reporting functions and different dashboard types A fair amount of things you have to edit by exporting to CSV, editing in your favorite spreadsheet app, then re-importing, so it would be nice if some of that functionality was built into the U

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 1-2 years

Frequency of use: Weekly

Likelihood to recommend

8/10
Source: Software Advice
Helpful?   Yes   No
Read more
Travis R.

ZenGRC Delivers Compliance and Automation

2017-11-10

What used to be a multi-step JIRA project with a manual review, then publishing to a separate project where our auditors could view the evidence, is now a simple workflow. This is a huge timesaver and makes the audit process as painless as possible.

Pros

Audit readiness dashboard is critical as you prepare for new compliance initiatives or are questioned on "how difficult" it would be to be to become compliant with a specific regulation or framework to close a deal.

Cons

The JIRA integration is improving in significant ways, however the complexity and manner with which we implemented JIRA makes an effective integration difficult and as a result the immediate integration is not as useful as we would like to see.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 1-2 years

Frequency of use: Weekly

Likelihood to recommend

10/10
Source: Capterra
Helpful?   Yes   No
Read more
Paul M.

Practical and straightforward approach to GRC Management

2020-06-02

PCI Assessments became more efficient with Objects, Controls, Requests, and Evidence migrated from spreadsheets and disparate file repositories to one system with relational mapping.

Pros

The ease of use and administration is well balanced with the functionality needed in a GRC tool. ZenGRC gets the job done without being overly complicated.

Cons

Our preference would have been to remain on-premises with better upgrade automation that ZenGRC Administrators could perform within the user interface.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 2+ years

Frequency of use: Daily

Likelihood to recommend

9/10
Source: Capterra
Helpful?   Yes   No
Read more
Steven B.

Powerful, extensible, and easy to use software. Excellent support and product roadmap.

2019-11-08

We're facilitating internal audits with ZenGRC, and the software does a great job of it.

Pros

Auditees can easily provide feedback, ask questions, and submit evidence for review. The workflows ZenGRC supports are both incredibly accessible and very powerful.

Cons

I wish the vendor/third party management module was receiving more attention, sooner, but the roadmap for its development has been conveyed to me, and I understand the timing.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 1-2 years

Frequency of use: Daily

Likelihood to recommend

10/10
Source: Capterra
Helpful?   Yes   No
Read more
Anonymous
(Financial Services company, 501-1000 employees)

Great customization for GRC software

2018-02-08

Pros

Software has a simple user interface which is easy to use and customize.

Cons

The reporting side could be better.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: Less than 6 months

Frequency of use: Occasionally

Source: Capterra
Helpful?   Yes   No
Read more
Dave A.

ZenGRC is a major part of our successful compliance programs

2017-09-22

Because it's so well organized we've managed to keep the required staff to manage compliance at a minimum.

Pros

I have been using ZenGRC for over two years now and it has been an essential tool helping us get and stay organized when we embarked on gaining a SOC 2 attestation. We have since been through two SOC 2 audits and are using ZenGRC to help us assess and remediate our gaps against ISO 27001.

Cons

That being said, that workflow is actually ideal for some tasks.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 2+ years

Frequency of use: Daily

Likelihood to recommend

10/10
Source: Capterra
Helpful?   Yes   No
Read more
William D.

Best Governance, Risk and Compliance tool on the market

2017-04-21

And best of all, Reciprocity has a vast library of compliance standards that are cross-linked.

Pros

Ease of use Relationships of objects Standards library

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: Less than 6 months

Frequency of use: Daily

Likelihood to recommend

10/10

Recommendations to others considering ZenGRC

Once we were comfortable with the software, we redesigned our risk management and policy management programs around the way the software works. It ended up being more intuitive that the way we were doing them before. It's a powerful tool that enables collaboration between the security, compliance and privacy teams.

Source: Capterra
Helpful?   Yes   No
Read more
Dana L.

ZenGRC is the perfect solution for our compliance and audit teams at our tech company

2017-09-19

Pros

ZenGRC has a nice user interface and is fairly intuitive to use.

Cons

I would love to see a way to use ZenGRC as a tool to automate audit workprograms, testing, spreadsheets and reporting.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 6-12 months

Frequency of use: Daily

Source: Capterra
Helpful?   Yes   No
Read more
Faisal A.

Effective and Efficient

2017-06-28

Pros

Since implementing ZenGRC, Vision Critical has improved our ability to effectively and efficiently manage our compliance audits.

Cons

We are anxiously awaiting storage integration with AWS S3 and will continue to review other potential solutions with Reciprocity labs.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 6-12 months

Frequency of use: Weekly

Likelihood to recommend

8/10
Source: Capterra
Helpful?   Yes   No
Read more
Justin G.

Great for our needs

2020-06-19

Since our compliance team is small ZenGRC has helped us to be able to management the requirements better and be more prepared for audits.

Pros

ZenGRC is great for our team since we have one contract with a lot of requirements. The software gave us the ability to customize without the added costs with other off-the-shelter software.

Cons

Although this is a minor concern, I wish the software would allow for renaming the main attributes. We use different terminology from the software and is confusing for some of the users.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 6-12 months

Frequency of use: Weekly

Likelihood to recommend

10/10
Source: Capterra
Helpful?   Yes   No
Read more
Todd e.

Excellent Support

2020-06-08

ZenGRC provides me a great quick view of the compliance of my systems.

Pros

The software is easy to use once you become familiar with how to accomplish tasks.

Cons

Some features seem to have limited capability but support took my ideas on how the software could be improved.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 6-12 months

Frequency of use: Daily

Likelihood to recommend

9/10
Source: Capterra
Helpful?   Yes   No
Read more
Gerald K.

Great especially for multiple certifications

2020-10-07

Great support and team. We've been able to very easily translate a lot of the work we've done for one certification (ISO) to another regime (HIPAA), identify changes and gaps, and be ready for an audit under the new regime.

Pros

Helps to map requirements and controls from multiple certification regimes over to others so you don't spend a lot of time duplicating and re-documenting work.

Cons

The various levels of concepts are bit confusing, especially as some of the frameworks have to be imported, and you have to decide which frameworks to use up front, without a lot of context about what the differences are.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 6-12 months

Frequency of use: Weekly

Likelihood to recommend

8/10
Source: Capterra
Helpful?   Yes   No
Read more
Gemma B.

Streamlining issue management

2017-04-11

We used to spend a ton of time sending emails to manage issue tracking and resolution for audits.

Rating breakdown

Value for money
Ease of use
Features
Customer support
Source: Capterra
Helpful?   Yes   No
Read more
Sara J.

Intuitive and User-friendly Approach to Managing Complex Business Processes

2017-08-17

It's essential to meet these objectives not only for legal, security, and governance, but also in furthering and enhancing mobility capabilities across the enterprise, and add new solutions as the proliferation of connected devices continues to accelerate.

Pros

Its intuitive, easy to follow workflows in managing the complexity of rapidly changing and dynamic requirements in compliance, governance, and security are issues that are top of mind early in the product design and discovery phase.

Cons

The only cons are related to having not used the product as an end user, but rather evaluated from demos, meetings, and whitepapers to enhance customer value and as a potential partner.

Rating breakdown

Ease of use
Features

Time used: Free Trial

Frequency of use: Occasionally

Likelihood to recommend

9/10
Source: Software Advice
Helpful?   Yes   No
Read more
Darcy K.

ZenGRC Product and Team is great to work with

2018-05-23

Pros

The team loves the flexibility of the tool, and how we can adapt the models to work that is not traditional controls development, testing and tracking.

Cons

I cannot think of anything my team does not like about the product and services. We are very happy with out purchase.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 2+ years

Frequency of use: Daily

Source: Capterra
Helpful?   Yes   No
Read more
Andrew W.

Logical and minimal approach to GRC saves time!

2018-05-21

One of the biggest benefits that has made a huge impact is the time savings we've achieved in our IT Security group by using ZenGRC.

Pros

During our testing period, we were able to quickly create a Sarbanes-Oxley program, using both their template import and the GUI, in a matter of days.

Cons

ZenGRC staff do redeem themselves on this front as they're quick to respond to feature requests and have already implemented several suggestions our team has submitted.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: Less than 6 months

Frequency of use: Daily

Likelihood to recommend

10/10
Source: Capterra
Helpful?   Yes   No
Read more
Julie M.

Reciprocity is an invaluable partner in meeting our data management needs.

2017-11-15

Pros

The technical folks also understand our use case and suggest different ways for us to think about our data and how best to represent it.

Cons

While many of the changes to the system have been helpful, the constant changes can be hard to keep up with and difficult to plan how to expand our use of the system.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 2+ years

Frequency of use: Weekly

Likelihood to recommend

9/10
Source: Capterra
Helpful?   Yes   No
Read more
Pramod A.

I have been actively using this tool for my PCI and SOC2 audit. This a great workflow tool.

2018-04-10

I am able to manage multiple audits and collect and test evidences from different customer with less amount of manual work.l

Pros

Managing multiple audits in one platform in the past we used to track our communication via email and in spreadsheet and now we can have log of each communication via this tool.

Cons

Audit manager are not able to choose the request template based on the different types of audit frameworks.

Rating breakdown

Value for money
Ease of use
Features
Customer support

Time used: 1-2 years

Frequency of use: Daily

Likelihood to recommend

10/10
Source: Capterra
Helpful?   Yes   No
Read more
David K.

Audit Management Made Easy

2017-03-31

The system is flexible, easy to use and constantly improving with regular updates.

Rating breakdown

Value for money
Ease of use
Features
Customer support
Source: Capterra
Helpful?   Yes   No

Response from RECIPROCITY


Thanks for submitting your review! We're pleased to hear that you are getting a lot of value out of ZenGRC.

Read more